49.6 Defining Application Profiles

An Application Profile defines the client application that will consume services provided by the Service Providers.

A single Application Profile can be assigned to multiple Service Domains.

The following topics include information on how to define Application Profiles:

• Creating an Application Profile

• Editing or Deleting an Application Profile

49.6.1 Creating an Application Profile

You can create an application profile from the Mobile and Social Services configuration page.

To create:

1. Access the Mobile and Social Services configuration page.

   See Opening the Mobile and Social Services Configuration Page.

2. Click Create in the Application Profiles section.

   The Application Profiles Configuration page displays.

3. Enter values for the Application Profile general properties.

   Table 49-15 Application Profile General Properties

   Name	Notes
   Name	The value must be a unique one that distinguishes the application from all other applications on the server. This value and the application name value embedded in the client application must match.
   Description	(Optional) Type a short description that will help you or another Administrator identify this service in the future.

4. Enter name-value pairs for the attributes used by the Mobile and Social server to perform server functions for this application; for example, creating a Client Registration Handle.

   • Mobile.clientRegHandle.baseSecret is a mandatory attribute used by the server as a private secret to sign each Client Registration Handle for this application.

   • userId4BasicAuth is the user ID attribute used by the server and the application to perform HTTP Basic authentication.

     See Protecting the Mobile Client Registration Endpoint.

   • sharedSecret4BasicAuth is the shared secret attribute used by the server and application to perform HTTP Basic authentication.

5. Define the Mobile Application Profile properties.

   • Jailbreak Detection - Select the Enabled box to activate Jailbreak Detection for this application, or clear the box to disable it. If Jailbreak Detection is grayed out, the Jailbreak Detection Policy is disabled in Mobile and Social.

     See Using the Jailbreak Detection Policy.

   • Mobile Configuration - Select this option to expose additional mobile configuration settings on the Application Profile Configuration page.

6. Click Create to create the Application Profile configuration object.

   See Editing or Deleting an Application Profile for information about properties that you can configure only after you have already created an Application Profile.

49.6.2 Editing or Deleting an Application Profile

You can edit or delete an Application Profile.

To edit or delete an Application Profile:

1. Select the definition in the panel.
2. Click Edit or Delete on the panel's tool bar.

49.6.3 Application Profile Properties

When you edit a User Profile Service Provider that you or another Administrator has already created, the additional Application Profile properties appears.

The additional Application Profile properties are as follows:

• Configuration Settings

  • Profile Cache Duration - The maximum amount of time that the Application Profile details cached on the mobile device will remain valid. If the time is elapsed when the mobile client application requests the Application Profile, the cached Profile is replaced with a freshly downloaded version. If the time is not elapsed, the cached Profile is used.

  • Authentication Retry Count - The maximum number of retries that a User is allowed if invalid credentials are provided during registration/authentication. This setting is not honored in the iOS Mobile SDK.

  • Offline Authentication - Select the Allowed box to allow users to log in and authenticate to the application locally. Clear the box to block users from authenticating locally.

  • Claim Attributes - The set of attributes that will be fetched from the device and passed to the server during registration/authentication.

  • Social Identity WebView - Choose Embedded if users should be presented with the Mobile and Social login page inside the application using the embedded WebView class, or choose External if the login page should be presented in an external browser.

• Platform Specific Settings

  • URL Scheme - Type the URL scheme that is used to invoke this mobile client application, as configured in the application itself.

  • Apple iOS Bundle ID - Type the unique Bundle ID that is configured in the mobile client application. Each iOS mobile application has a unique Bundle ID.

  • Android Package - Type the fully qualified name of an activity in the Android application. This activity should have <data android:scheme="xyz" /> in its <intent-filter>.

    Note:

    The scheme (xyz) should be the same as the URL scheme.

    For details regarding the <data> element, please see the following web page:

    http://developer.android.com/guide/topics/manifest/data-element.html

  • Android Application Signature - Enter the signature of the Android application. You can obtain the signature from the certificate with which the application is signed. On Linux, you can obtain the signature using the following command:

    keytool -exportcert -alias <alias_name> -keystore <keystore_name> -storepass <keystore_password> | xxd -c 256 -ps

    Note:

    The signature obtained using the above command will have a carriage return after 256 characters. Remove it before entering the signature in this field.

    You can also retrieve the signature programmatically.

    See "Invoking the Mobile Single Sign-on Agent App" in the Oracle Fusion Middleware Developer's Guide for Oracle Access Management.

• Custom Settings / Mobile Custom Attributes - Configure attributes or properties specific to the mobile client application. Mobile Custom Attributes are returned by the server to the mobile application as part of the Application Profile